Proactive defense system based on truth virtual network, and method

A virtual network and active defense technology, applied in the field of network security, can solve problems such as potential safety hazards, difficulty in accurately identifying attackers' attack paths, complex internal processes, etc., and achieve the effect of reducing the burden

Inactive Publication Date: 2018-09-14
广州锦行网络科技有限公司

AI Technical Summary

Problems solved by technology

Faced with a large amount of scattered information, users cannot fully and intuitively understand system security vulnerabilities, the overall attack status, or the effectiveness of security protection, so the need to predict system security vulnerabilities and implement defensive measures in advance cannot be met.
[0004] 2) As attack methods keep changing, some advanced attacks are now highly concealed. Traditional security protection relies mostly on static rules to detect attack events and cannot deal with attacks that use undisclosed vulnerabilities.
In other words, the larger the enterprise and the more complete its security system, the more complicated the internal process of patching vulnerabilities, which results in a longer defense gap.
During this window, the attacker can use the vulnerability to move laterally within the internal network and establish a covert control channel in other locations. At this point the entire network becomes untrustworthy. Vulnerability patching can only prevent subsequent attacks; it is meaningless against attacks that have already succeeded.
[0006] 4) Because of restrictions in the relevant legal provisions, offensive and defensive technology has become a highly sensitive area, resulting in a large loss of talent with actual offensive and defensive combat experience.
At present, traditional security vendors focus too much on endpoint defense in their understanding of security attack and defense, and have no picture of the current attack and defense situation of traditional core enterprise intranets.
[0007] 5) The level of information security expertise among media practitioners is uneven, and reports on information security incidents often mislead the general public and even corporate security managers.
[0008] 6) Reluctance to face up to the existence of vulnerabilities leads to a large amount of repeated security construction limited to border defenses, in an attempt to create an unbreakable system, while internal network security threats receive too little attention.
[0009] 7) Insufficient understanding of the concept of network attacks prevents most security management equipment from playing its due role, and such equipment can even become a security risk when used improperly.
[0011] 1) Judgment is based on rules and experience, so once an unknown security problem occurs it cannot be dealt with effectively;
[0012] 2) It is difficult to accurately identify the attacker and comprehensively record the attacker's attack path;
[0013] 3) Being based on passive defense technology, it is difficult to effectively lure attackers away from real business systems;
[0014] 4) In the offensive and defensive confrontation, it is impossible to effectively counter the attacker, and it is difficult to achieve effective traceability.


Examples


Embodiment 1

[0044] As shown in Figure 1, an active defense system based on an authentic virtual network includes the following modules, which communicate with each other in a signal loop:

[0045] Attack detection module 1, used to detect various types of attack behavior and raise real-time alarms;

[0046] Decoy guidance module 2, used to trick attackers into continuously attacking false targets in the system;

[0047] Vulnerability simulation module 3, which uses real virtual hosts and networks to build a real vulnerable system that attracts attackers into attacking it successfully;

[0048] Attack isolation module 4, which keeps the attacker completely isolated from the real environment inside the system's authentic virtual network, so that the authentic virtual network cannot become a springboard for the attacker;

[0049] Behavior recording module 5, used to comprehensively record the attackers' various attack behaviors;

[0050] The intelligent analysis module 6 is us...

Embodiment 2

[0054] As shown in Figure 1 and Figure 2, an active defense system based on an authentic virtual network includes the following modules, which communicate with each other in a signal cycle:

[0055] Attack detection module 1, used to detect various types of attack behavior and raise real-time alarms;

[0056] Decoy guidance module 2, used to trick attackers into continuously attacking false targets in the system;

[0057] Vulnerability simulation module 3, which uses real virtual hosts and networks to build a real vulnerable system that attracts attackers into attacking it successfully;

[0058] Attack isolation module 4, which keeps the attacker completely isolated from the real environment inside the system's authentic virtual network, so that the authentic virtual network cannot become a springboard for the attacker;

[0059] Behavior recording module 5, used to comprehensively record the attackers' various attack behaviors;

[0060] The intelligent analysi...


Abstract

The invention discloses a proactive defense system based on a truth virtual network, and a method. The system comprises the following modules in signal circulation communication: an attack detection module, a tricking guidance module, a vulnerability simulation module, an attack isolation module, a behavior recording module, an intelligent analysis module, an attack playback module and an attack countering module. The implementation method of the proactive defense system based on the truth virtual network follows a D3I network proactive defense model, and the D3I network proactive defense model comprises the following modules in signal circulation communication: a detection module, a deception module, an inception module and a defense counterattack module. The proactive defense system accurately identifies attackers, effectively tricks and isolates them so that they stay far away from real service networks, comprehensively records, plays back and intelligently analyzes attack behaviors, and counterattacks the attackers more effectively.

Description

Technical field

[0001] The invention relates to a network defense system, in particular to an active defense system and method based on an authentic virtual network, and belongs to the technical field of network security.

Background art

[0002] The harm caused by the leakage of sensitive data and personal information continues to expand, and fraudulent ransomware is raging on the Internet. Under this severe security situation, a comprehensive security defense system is required. However, the current security defense system faces the following common problems:

[0003] 1) At present, various security products are used to detect attack threats in the network and maintain the safe operation of the network. However, these security measures generally can only play a specific role within a certain range, and lack effective data fusion and collaborative management mechanisms among each other. Faced with a lot of scattered information, users cannot fully and intuitively un...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/0209, H04L63/1416, H04L63/1466, H04L63/1491
Inventor: 胡鹏, 王俊卿, 吴建亮
Owner: 广州锦行网络科技有限公司